» obliqua.exe
Overview
Analysis
File Details
Downloads (6)

obliqua.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from ricardodolabella.com and multiple other hosts.

File name:

obliqua.exe

MD5:

07ff162fcbdbdca61e3728e5dafa4229

SHA-1:

6837e1f2a2842e7440c433b129b756a49bb390de

SHA-256:

08ea0b29ea68b79627ae0d0628c8ca667c337d33e47a5f5f12fedc665e07c4db

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 1:17:29 PM UTC (today)

File size:

778.5 KB (797,184 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:oo/T2H/6jBi5zZfq8s787zxEDOysvx4I/JjW20BVz79SrD6YCHFHyxdSrV:b2HF5bs4EOysvx4I/JjIBVdS8yj

Entry address:

0x9E8A8

Entry point:

55, 8B, EC, 83, C4, F4, 53, B8, C0, E6, 49, 00, E8, 2F, 7F, F6, FF, 8B, 1D, 44, 0A, 4A, 00, 8B, 03, E8, 56, C0, FA, FF, 8B, 03, BA, 5C, E9, 49, 00, E8, 66, BC, FA, FF, 8B, 0D, 18, 09, 4A, 00, 8B, 03, 8B, 15, DC, 27, 49, 00, E8, 4F, C0, FA, FF, 8B, 0D, 40, 08, 4A, 00, 8B, 03, 8B, 15, E8, 23, 49, 00, E8, 3C, C0, FA, FF, 8B, 0D, FC, 07, 4A, 00, 8B, 03, 8B, 15, D8, 21, 49, 00, E8, 29, C0, FA, FF, 8B, 0D, 24, 0B, 4A, 00, 8B, 03, 8B, 15, A0, 16, 49, 00, E8, 16, C0, FA, FF, 8B, 0D, D4, 09, 4A, 00, 8B, 03, 8B, 15... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

630.5 KB (645,632 bytes)

The file obliqua.exe has been seen being distributed by the following 6 URLs.

http://ricardodolabella.com/.../Obliqua.exe

https://doc-00-60-docs.googleusercontent.com/docs/securesc/51k692igpo1tmnaj4c852stet6epq39n/raicebp84o681hov68gvv93iso6fokb4/1463760000000/.../02907494415503398502/0B2enivtIriRFckxDRW5TQWhpeFk?e=download

https://acad.unoesc.edu.br/academico/portal/modules/.../download.jspa?codpub=294549

http://www.gdace.uem.br/romel/MDidatico/.../Obliqua.exe

http://professor.pucgoias.edu.br/SiteDocente/admin/arquivosUpload/16017/.../Obliqua.exe

http://www.cesec.ufpr.br/.../Obliqua.exe

Scan obliqua.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.